<?php
include("../controller/database_connect.php");   

		if(isset($_GET['queryString'])) 
		{	$queryString = $_GET['queryString'];
			if(strlen($queryString) >0) {

				$query =mysql_query("SELECT contact_id,name FROM contacts WHERE user_id='2' and contact_type='vendors' and name LIKE '$queryString%'");
				if($query) {
				echo '<ul>';
					while ($result = mysql_fetch_array($query)) {
	         			echo '<li id="'.$result['contact_id'].'" onClick="fill(\''.addslashes($result['name']).'\',\''.addslashes($result['contact_id']).'\');">'.$result['name'].'</li>';
	         		}
				echo '</ul>';
					
				} else {
					echo 'OOPS we had a problem :(';
				}
			} else {
				$query =mysql_query("SELECT contact_id,name FROM contacts WHERE user_id='2' and contact_type='vendors' LIMIT 10");
				if($query) {
				echo '<ul>';
					while ($result = mysql_fetch_array($query)) {
	         			echo '<li  id="'.$result['contact_id'].'" onClick="fill(\''.addslashes($result['name']).'\',\''.addslashes($result['contact_id']).'\');">'.$result['name'].'</li>';
	         		}
				echo '</ul>';
					
				} else {
					echo 'OOPS we had a problem :(';
				}
			}
		} else {
			echo 'There should be no direct access to this script!';
		}
?>